CVE-2003-0449
Progress Database 9.1 - Environment Variable Privilege Escalation
Severity Score
4.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent.
Progress Database 9.1 a 9.1D06 se confia en la entrada del usuario para cargar librerias usando dlopen, lo que permite a usarios locales ganar privilegios mediante
una variable de entorno PATH que apunta a las librerías maliciosas, como ha sido demostrado usando libjutil.so en _proapsv, o el parámetro de línea de comandos -installdir, como ha sido demostrado usando librocket_r.so en _dbagent.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-06-14 First Exploit
- 2003-06-19 CVE Reserved
- 2003-06-20 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=105561134624665&w=2 | Mailing List | |
| http://marc.info/?l=bugtraq&m=105561189625082&w=2 | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22773 | 2003-06-14 | |
| http://www.secnetops.com/research/advisories/SRT2003-06-13-0945.txt | 2024-08-08 | |
| http://www.secnetops.com/research/advisories/SRT2003-06-13-1009.txt | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|